#
# git caching proxy
+# Suitable only for exposing to semi-trusted clients: clients are not
+# supposed to be able to take over the server. However, clients can
+# probably deny service to each other because the current
+# implementation is not very good at handling various out-of-course
+# situations (notably, clients which are too slow).
+
# usage: run it on some port, and then clone or fetch
# "git://<realhost>:<realport>/<real-git-url>[ <options>]"
# where <real-git-url> is http://<host>/... or git://<host>/...
# fetch=try use what is in the cache if the fetch/clone fails
# timeout=<seconds> length of time to allow for fetch/clone
+# example inetd.conf line:
+# 9419 stream tcp nowait git-cache /usr/bin/git-cache-proxy git-cache-proxy
+# you'll need to
+# adduser git-cache
+# mkdir /var/cache/git-cache-proxy
+# chown git-cache /var/cache/git-cache-proxy
+
+# git-cache-proxy
+# Copyright 2010 Tony Finch
+# Copyright 2013,2014 Ian Jackson
+# Copyright 2017 Citrix
+#
# git-cache-proxy is free software; you can redistribute it and/or
# modify them under the terms of the GNU General Public License as
# published by the Free Software Foundation; either version 3, or (at
# your option) any later version.
-#
+#
# git-cache-proxy is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
our $debug = 0;
our $housekeepingeverydays = 1;
our $treeexpiredays = 21;
-our $fetchtimeout = 1800;
-our $maxfetchtimeout = 3600;
+our $fetchtimeout = 3600;
+our $maxfetchtimeout = 7200;
+our $servetimeout = 3600;
our $cachedir = '/var/cache/git-cache-proxy';
our $housekeepingonly = 0;
$cachedir = $1;
} elsif (s/^--( max-fetch-timeout
| fetch-timeout
+ | serve-timeout
| tree-expire-days
| housekeeping-interval-days
)=(\d+)$//x) {
servinfo "fetch/clone failed: $fetchfail";
}
}
+ alarm 0;
if (!$exists) {
rename $tmpd, $gitd or fail "rename fresh $tmpd to $gitd: $!";
servinfo "sharing";
lockfile \*LOCK, $lock, LOCK_SH; # NB releases and relocks
- if (chdir $gitd) {
+ if (stat $gitd) {
return 1;
}
- $!==ENOENT or fail "chdir $gitd: $!";
+ $!==ENOENT or fail "stat $gitd: $!";
# Well, err, someone must have taken the lock in between
# and garbage collected it. How annoying.
next;
}
logm 'info', "housekeeping: subdirs $subdir: cleaning";
- my $ok = 1;
- foreach my $suffix (qw(tmp git)) {
- my $dir = "${subdir}\\.$suffix";
- my $errs;
- remove_tree($dir, { safe=>1, error=>\$errs });
- if (stat $dir) {
- $ok = 0;
- logm 'warning', "housekeeping: $dir: problems with".
- "deletion prevent cleanup:";
- foreach my $err (@$errs) {
- logm 'info', "problem deleting: $err->[0]: $err->[1]";
+ eval {
+ foreach my $suffix (qw(tmp git)) {
+ my $dir = "${subdir}\\.$suffix";
+ my $tdir = "${subdir}\\.tmp";
+ if ($dir ne $tdir) {
+ if (!rename $dir,$tdir) {
+ next if $! == ENOENT;
+ die "$dir: cannot rename to $tdir: $!\n";
+ }
+ }
+ system qw(rm -rf --), $tdir;
+ if (stat $tdir) {
+ die "$dir: problem deleting file(s), rm exited $?\n";
+ } elsif ($! != ENOENT) {
+ die "$tdir: cannot stat after deletion: $!\n";
}
}
- }
- if ($ok) {
+ };
+ if (length $@) {
+ chomp $@;
+ logm 'warning', "housekeeping: $subdir: cleanup prevented: $@";
+ } else {
unlink $lock or hkfail "remove $lock: $!";
}
}
}
if ($dofork) {
my $child = fork;
- defined $child or hkfail "fork: $!";
+ defined $child or fail "fork: $!";
if (!$child) {
+ open STDERR, "|logger -p daemon.warning -t '$us(housekeeping)'"
+ or die "fork: logger $!";
housekeeping();
exit 0;
}
sub runcommand () {
servinfo "serving";
- exec qw(git-upload-pack --strict --timeout=1000 .)
+
+ chdir $gitd or fail "chdir $gitd: $!";
+
+ exec qw(git-upload-pack --strict), "--timeout=$servetimeout", qw(.)
or fail "exec git-upload-pack: $!";
}
~ian / chiark-utils.git / blobdiff